Re: [PATCH v4 4/4] x86/boot/KASLR: Restrict kernel to be randomized in mirror regions

Sun, 09 Jul 2017 19:50:25 -0700 

On Mon, Jul 10, 2017 at 09:47:29AM +0800, Baoquan He wrote:
>On 07/09/17 at 07:11am, Kees Cook wrote:
>> On Sun, Jul 9, 2017 at 5:37 AM, Baoquan He <b...@redhat.com> wrote:
>> > Signed-off-by: Baoquan He <b...@redhat.com>
>> > +/* Marks if efi mirror regions have been found and handled. */
>> > +static bool efi_mirror_found;
>> 
>> I think this is only ever checked once? How about having
>> process_efi_entries return bool to indicate if mirror was found? Also,
>> that function should be behind #ifdef. Let's do something like this:
>> 
>> 
>> > +
>> > +static void process_efi_entries(unsigned long minimum,
>> > +                               unsigned long image_size)
>> 
>> #ifdef CONFIG_EFI
>> /* Returns true if mirror region found (and further scanning should stop) */
>
>Well, here it might be not like that. The mirror regions could be multiple,
>we need find and process each of them to add slots. 

Yes, in my test, I found the memory situation is like this:

0-1325M:        mirror  (this scope contains tens of entries)
1532M-2303M:    non-mirror
4G-128G:        non-mirror
129G-154G:      mirror
154G-231G:      non-mirror

Thanks,
Chao Fan

>
>> static bool process_efi_entries(...)
>> {
>> ...
>> }
>> #else
>> static inline bool process_efi_entries(...)
>> {
>>     return false;
>> }
>> #endif
>> 
>> Then:
>> 
>> > +#ifdef CONFIG_EFI
>> > +       process_efi_entries(minimum, image_size);
>> > +       if (efi_mirror_found)
>> > +               return slots_fetch_random();
>> > +#endif
>> 
>> Can become:
>> 
>> if (process_efi_entries(minimum, image_size))
>>     return slots_fetch_random()
>> 
>> and no #ifndef needed here.
>> 
>> > +
>> >         process_e820_entries(minimum, image_size);
>> >         return slots_fetch_random();
>> >  }
>> > @@ -652,7 +708,7 @@ void choose_random_location(unsigned long input,
>> >          */
>> >         min_addr = min(*output, 512UL << 20);
>> >
>> > -       /* Walk e820 and find a random address. */
>> > +       /* Walk available memory entries to find a random address. */
>> >         random_addr = find_random_phys_addr(min_addr, output_size);
>> >         if (!random_addr) {
>> >                 warn("Physical KASLR disabled: no suitable memory 
>> > region!");
>> > --
>> > 2.5.5
>> >
>> 
>> Otherwise, if the EFI logic is good, this looks sensible.
>> 
>> Thanks for splitting up the patches!
>> 
>> -Kees
>> 
>> -- 
>> Kees Cook
>> Pixel Security
>
>

Reply via email to